馃寪 Website Issue | Re-evaluate if key disclosure laws still apply to Canada #1167
Comments
I feel a bit uncomfortable with this issue title as I don't think any of us is a lawyer. I haven't read the links yet. |
maybe we could ask someone on the subreddit /r/legaladvice to see if any lawyer would be willing to assist us with this. |
If they don't get a response, perhaps try the EFF? https://www.eff.org/pages/legal-assistance They focus a lot on legal and political stuff. I would assume they know. While you are at it, perhaps just ask if any of the countries listed need to be updated. Wikipedia section: |
Canada should not be listed in this section. The Wikipedia page that it links to as a "source" literally says you cannot be compelled to hand over the keys.
Another thing to note, under Canadian law, a COMPANY cannot be forced to hand over encryption keys, nor log users as it would be considered an illegal wiretap. Source: I run a VPN company in Canada, and had lawyers conduct legal research before opening the company in this justification. I've also personally spoken to most major law enforcement agencies in US, Canada and abroad, and been on a receiving end of dozens of subpoenas. |
As an update date, we are reconsidering our approach for laws in specific countries. Alliances like the five eyes come and go, key disclosure laws as well, and as we don have a lawyer on our team, its really hard to give up date accurate information on this topic. On of our plans is to makes these subjects more generic, and instead of warning against specific countries(which can lead someone to believe their safe, but arent as we didnt notice his countries new law yet), we are going to try and explain more in detail what alliances and different types of laws mean, and how the generally work, and point people that they should do their own homework about their own countries laws, to make it sure for themselves. |
The whole "5 eyes" thing needs to go away. It's completely meaningless and is used a scare tactic by VPN "review" (marketing) sites to sell NordVPN and ExpressVPN. The whole point of the "5 eyes" alliance was to spy on the soviets (and other enemies of the alliance). It's 2019. Offshore zones with loose laws and high corruption rates are not a better jurisdictions for a VPN. If a country has no data retention laws that apply to VPNs, and the government cannot compel a company to collect logs on all users (as the case with Canada), why is that a worse jurisdiction than some 3rd world country, where a VPN company paid some lawyer to open a shell company for $1500? |
I would say Canada does not have key disclosure law https://en.wikipedia.org/wiki/Key_disclosure_law#Canada https://old.reddit.com/r/privacytoolsIO/comments/7tvph8/canada_does_not_have_a_key_disclosure_law/ also this reddit thread. I also didn't see anything mentioned about it here https://laws-lois.justice.gc.ca/eng/acts/S-6.9/page-1.html unless it could be considered undermining the security of Canada, in that case you'd probably be whisked off to a blacksite and they would employ some rubber hose cryptoanalysis extra-judical style. We really are not giving advice for people seeking that kind of threat model. We should probably include a key disclosure law section, but in reality it really only applies to full disk encryption/encryption of files etc. |
Description
This was brought up in the Matrix chat room by theBlackHierophant that stemmed from
https://old.reddit.com/r/privacytoolsIO/comments/crdd8b/about_the_59_and_14_eyes/:
The text was updated successfully, but these errors were encountered: